Network usage and capabilities are both increasing at high rates. For example, the traffic load on the National Science Foundation's NSFNET backbones in the United States doubles every few months. Much of this increased traffic is due to the increased connectivity provided by interconnection with other networks, large numbers of personal workstations connected to LANs, and large numbers of computers connected via 9600 bit per second (bps) dial-ins. Much of this traffic is traditional Internet (inter-network) traffic, e.g., electronic mail, netnews, and file transfer, although a significant percentage of traffic is due to remote terminal sessions via login and telnet.
Networks are improving in a number of ways. Bandwidth is the most important area in which improvement is taking place, as bandwidth can be used to achieve a variety of other quality-of-service goals. In the very near future, network technologies with bandwidths near 1 Gbps will be deployed in several areas of the United States. See "Gigabit Testbed Initiative Summary," Corporation for National Research Initiatives, 1985 Preston White Drive, Suite 100, Reston, Va. 22091 USA (January, 1992) info@nri.reston,va,us.
AURORA, for example, is an experimental wide area network testbed whose main objective is the exploration and evaluation of network technologies. The Gbps network will link four sites:
(1) Bellcore's Morristown Research and Engineering Laboratory in Morristown, N.J.; PA1 (2) IBM Research's Computer Science Laboratory in Hawthorne, N.Y.; PA1 (3) MIT's Laboratory for Computer Science in Cambridge, Mass.; PA1 (4) University of Pennsylvania's Distributed Systems Laboratory in Philadelphia, Pa. The topology of AURORA is illustrated in FIG. 1.
Among the applications envisioned for gigabit per second networks (e.g., AURORA) are interactive teleconferencing, advanced multimedia systems with support for sensory data, and advanced displays with extremely high-quality imaging capabilities. Many of these applications would not be possible without large available bandwidths. Many more applications can be imagined, and it is expected that many may be commercialized.
Many proposed applications, however, will not be feasible without significant attention paid to the issue of security. Traditionally, security schemes relied on either administrative means (e.g., systems with extremely restricted access, careful monitoring and audits) or cryptographic support, or a combination of these techniques. Since networks, by their nature, require distributed control, cryptographic means have somewhat more utility than solely administrative means to achieve security. A detailed survey of cryptographic techniques is available in D. R. Denning, Cryptography and Data Security, Addison-Wesley (1982).
The major axes of choice are: choice of encryption algorithm, hardware or software implementation, and placement of cryptographic support in a networking architecture. Of the available cryptographic methods that have withstood significant attack, the Data Encryption Standard (DES) (described in NBS, Data Encryption Standard (FIPS Publication 46), National Bureau of Standards, U.S. Department of Commerce, Washington, DC (January, 1977)) and the Rivest-Shamir-Adleman (RSA) scheme (described in R. L. Rivest, A. Shamir, and L. Adleman, "A method of obtaining digital signatures and public-key cryptosystems," Communications of the ACM 21(2), pp. 120-126 (February 1978)) seem most attractive. Although the use of public-key technology offers many advantages, the poor performance of RSA implementations are a major problem. A recent survey of hardware implementations of the RSA algorithm indicates that the fastest available implementations are no faster than 1 Mbps. Significantly faster implementations of the private-key DES algorithm are available in hardware and architectural techniques for further improving its performance have been reported. See 1989 IC MASTER, Fact Sheet, Western Digital WDD20C03A, 1989; VLSI Technology, Inc. VM007 Data Encryption Processor: Advance Information Sheet, 8375 South River Parkway, October, 1991; and Albert G. Broscius, Hardware Analysis and Implementation of the NBS Data Encryption Standard, University of Pennsylvania, School of Engineering and Applied Sciences (April, 1991), MSE Thesis (CIS).
Many applications envisioned for ultra-high-speed networks require cryptographic transformations for data in transit. The need for security and privacy will drive transformations in workstation architectures, especially high-performance communications subsystems. There is a need for apparatus and methods for providing cost-effective and high-performance cryptographic support in high speed networks while sacrificing little in flexibility.